From alerts@us-cert.gov Mon Aug 2 07:29:38 2004
From: US-CERT Alerts
To: alerts@us-cert.gov
Date: Mon, 26 Jul 2004 17:20:44 -0400
Subject: US-CERT Cyber Security Alert SA04-208A -- New Variant of MyDoom
Virus
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Alert SA04-208A
New Variant of MyDoom Virus
Original release date: July 26, 2004
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows Systems
Overview
A new variant of the MyDoom virus is spreading through email. In
addition to infecting your computer and emailing itself to other
machines, the virus may open a backdoor that could make your
machine vulnerable to future attacks.
Solution
Avoid opening email attachments
Be sure you know the source of an attachment before opening it.
Also remember that it is not enough that the mail originated from
an email address you recognize. Many viruses spread precisely
because they originate from a familiar email address.
Maintain updated anti-virus software
It is important that you use antivirus software and keep it up to
date. Most antivirus software vendors frequently release updated
information, tools, or virus databases to help detect and recover
from virus infections. Many antivirus packages support automatic
updates of virus definitions. US-CERT recommends using these
automatic updates when possible.
Description
This variant of MyDoom (known as MyDoom.M or MyDoom.O) is
significant because it seems to be conducting searches on
addresses it harvests from infected computers. Therefore, not
only is email activity affected, response times in many popular
search engines may be dramatically reduced.
References
* MyDoom.B Virus -
* US-CERT Computer Virus Resources -
* Understanding Anti-Virus Software -
* Using Caution with Email Attachments -
* Home Network Security -
* Home Computer Security -
. Please
include the Subject line "SA04-208A Feedback".
_________________________________________________________________
Copyright 2004 Carnegie Mellon University.
Terms of use:
Revision History
July 26, 2004: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFBBXLVXlvNRxAkFWARArVGAJ99OXSp1CagGU3QY/IpDGAt0Tkg0ACgjoLc
2E06a0cgwvuyXx31oduKJRI=
=Z63l
-----END PGP SIGNATURE-----